This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft File: atwsIKz5mPCjL-cp_bLMnRoBP9I.mft (raw, json) Hash identifier: yaCLZiAoG3Dzkmky1GDO/4TI9PuQYZzgmXyNVLQH/1E= Subject key identifier: 7F:2B:38:89:6A:B9:DE:86:5B:8F:A6:C0:B6:F7:20:9A:DC:7D:78:B8 Authority key identifier: 6A:DC:2C:20:AC:F9:98:F0:A3:2F:E7:29:FD:B2:CC:9D:1A:01:3F:D2 Certificate issuer: /CN=6adc2c20acf998f0a32fe729fdb2cc9d1a013fd2 Certificate serial: 019AF1D17E455351AB86B9E9C97E9F19C921 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft Manifest number: 42 Signing time: Sat 06 Dec 2025 04:00:29 +0000 Manifest this update: Sat 06 Dec 2025 04:00:29 +0000 Manifest next update: Sun 07 Dec 2025 04:00:29 +0000 Files and hashes: 1: atwsIKz5mPCjL-cp_bLMnRoBP9I.crl (hash: dR6aD3axlnsylnKapsnLx1rdsAg3Lc1nioqEkqrrCss=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:7e:45:53:51:ab:86:b9:e9:c9:7e:9f:19:c9:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6adc2c20acf998f0a32fe729fdb2cc9d1a013fd2 Validity Not Before: Dec 6 04:00:29 2025 GMT Not After : Dec 7 04:00:29 2025 GMT Subject: CN=7f2b38896ab9de865b8fa6c0b6f7209adc7d78b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e1:93:06:92:c4:51:3f:8d:7c:3f:92:3f:27: bb:1e:08:ed:46:86:5c:ae:d1:6b:80:83:b9:85:12: d4:3f:11:e4:54:f8:af:ee:bf:15:e6:65:eb:9f:77: 01:f1:59:fd:59:57:45:18:52:ab:f5:14:86:05:4d: e0:45:97:c9:fc:79:ab:4d:d0:24:f5:12:52:29:b9: 99:47:69:93:0b:8e:23:0f:ca:e6:62:ed:32:4c:f1: 12:7f:30:79:46:4b:b3:b8:ac:87:65:6e:81:57:5d: cc:38:85:17:02:51:52:97:8e:10:ab:56:75:78:d3: e0:f3:84:d5:8f:92:a8:06:3b:9e:11:25:4a:58:ff: f3:9b:f6:fe:11:ff:d3:af:fe:e5:48:28:24:1d:b2: 06:43:f9:a1:a1:d9:c6:83:98:85:22:d0:6a:5a:01: c6:a7:9e:d1:54:f9:4d:48:32:66:76:d9:3b:93:b2: 60:db:a1:40:f9:69:29:62:97:36:32:73:12:4f:a7: 1b:28:3c:7b:52:f9:50:74:75:5d:c5:18:6b:cb:d3: 3d:fa:c2:75:4b:45:88:7e:20:c5:a5:e6:48:62:94: b2:fa:12:a1:fc:f5:5b:fd:09:9d:9a:62:7f:08:b7: f1:90:f6:7f:c7:f3:fd:aa:52:01:f0:12:eb:98:8f: d3:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:2B:38:89:6A:B9:DE:86:5B:8F:A6:C0:B6:F7:20:9A:DC:7D:78:B8 X509v3 Authority Key Identifier: keyid:6A:DC:2C:20:AC:F9:98:F0:A3:2F:E7:29:FD:B2:CC:9D:1A:01:3F:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/atwsIKz5mPCjL-cp_bLMnRoBP9I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/610b54-4174-4605-8c56-b8a3e9cfeaf7/1/atwsIKz5mPCjL-cp_bLMnRoBP9I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:de:60:49:de:8f:77:cb:d7:9d:e1:c9:c4:d1:90:a9:11:69: ed:99:e2:54:66:da:ee:3f:5c:0b:8d:89:e0:dd:45:69:49:8b: ae:8e:a1:aa:61:20:97:3e:1a:e5:50:5f:ea:eb:8d:27:08:78: ab:f3:4e:40:40:6a:c6:f1:ec:13:c5:3d:73:38:06:ec:38:2b: 1d:cb:83:98:c2:2e:cd:a7:ca:fb:64:4a:6b:b0:88:01:20:d4: 20:11:b3:db:a5:44:f4:88:59:c1:5c:08:8e:8e:54:31:7d:98: c3:e4:5d:7f:41:d8:61:3f:75:99:a2:f4:e4:ae:54:b3:3c:21: bb:3b:b6:8a:f2:a6:8c:c6:b9:a3:c4:77:d1:45:b7:91:77:f0: cb:d0:46:c3:63:e0:89:80:dd:eb:f4:b7:f9:cc:44:d4:92:33: e7:34:f5:da:32:7b:23:ee:ad:e0:d2:5c:26:c5:1a:4e:38:70: 11:f8:88:e9:2b:6d:83:e0:66:c3:09:40:15:11:49:30:ca:c9: 9b:81:0c:8d:f5:89:12:e2:4f:b4:46:20:20:d3:84:36:4c:cc: d7:04:76:7f:19:c9:02:74:1e:62:64:62:bc:ce:c2:8f:5d:bd: 7f:4c:7a:87:2d:13:b8:7e:cc:5a:44:f8:1e:de:cc:a7:ab:24: 2b:4d:5b:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0X5FU1GrhrnpyX6fGckhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhZGMyYzIwYWNmOTk4ZjBhMzJmZTcyOWZkYjJjYzlkMWEw MTNmZDIwHhcNMjUxMjA2MDQwMDI5WhcNMjUxMjA3MDQwMDI5WjAzMTEwLwYDVQQD Eyg3ZjJiMzg4OTZhYjlkZTg2NWI4ZmE2YzBiNmY3MjA5YWRjN2Q3OGI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeGTBpLEUT+NfD+SPye7HgjtRoZc rtFrgIO5hRLUPxHkVPiv7r8V5mXrn3cB8Vn9WVdFGFKr9RSGBU3gRZfJ/HmrTdAk 9RJSKbmZR2mTC44jD8rmYu0yTPESfzB5RkuzuKyHZW6BV13MOIUXAlFSl44Qq1Z1 eNPg84TVj5KoBjueESVKWP/zm/b+Ef/Tr/7lSCgkHbIGQ/mhodnGg5iFItBqWgHG p57RVPlNSDJmdtk7k7Jg26FA+WkpYpc2MnMST6cbKDx7UvlQdHVdxRhry9M9+sJ1 S0WIfiDFpeZIYpSy+hKh/PVb/QmdmmJ/CLfxkPZ/x/P9qlIB8BLrmI/T5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH8rOIlqud6GW4+mwLb3IJrcfXi4MB8GA1UdIwQY MBaAFGrcLCCs+Zjwoy/nKf2yzJ0aAT/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82MTBiNTQtNDE3NC00NjA1LThjNTYt YjhhM2U5Y2ZlYWY3LzEvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82MTBiNTQtNDE3NC00NjA1LThjNTYtYjhhM2U5Y2ZlYWY3 LzEvYXR3c0lLejVtUENqTC1jcF9iTE1uUm9CUDlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsN5gSd6P d8vXneHJxNGQqRFp7ZniVGba7j9cC42J4N1FaUmLro6hqmEglz4a5VBf6uuNJwh4 q/NOQEBqxvHsE8U9czgG7DgrHcuDmMIuzafK+2RKa7CIASDUIBGz26VE9IhZwVwI jo5UMX2Yw+Rdf0HYYT91maL05K5Uszwhuzu2ivKmjMa5o8R30UW3kXfwy9BGw2Pg iYDd6/S3+cxE1JIz5zT12jJ7I+6t4NJcJsUaTjhwEfiI6Sttg+BmwwlAFRFJMMrJ m4EMjfWJEuJPtEYgINOENkzM1wR2fxnJAnQeYmRivM7Cj129f0x6hy0TuH7MWkT4 Ht7Mp6skK01bOQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:37 2025 by rpki-client